Value Drivers for an Attack Surface Management (ASM) Program
Published by Palo Alto Networks
A few years ago, the term attack surface management (ASM) wasn’t part of the common cybersecurity lexicon. Most organizations employed a few security and IT personnel who could identify their internet-facing assets and manage security hygiene and posture using an assortment of tools like vulnerability scanners, CMDBs, and threat intelligence feeds.
This white paper concludes:
- ASM continues to lag. Despite massive attack surface growth, organizations continue to perform ASM manually, using an assortment of data sources, security/IT tools, and even spreadsheets. Furthermore, organizations only monitor a portion of their attack surface, it takes ample time and resources for attack surface discovery, and most organizations continue to do discovery on a periodic basis. These haphazard steps result in an incomplete and out-of-date picture of the attack surface, leaving organizations vulnerable to attack.
- ASM weaknesses lead to security incidents. While security teams muddle through ASM, sophisticated adversaries use automated scanning tools to quickly identify vulnerable assets for exploitation. The results are alarming—69% of organizations surveyed report that they’ve experienced a cyber-incident resulting from an unknown, unmanaged, or poorly managed internet-facing device.
- It’s time for ASM automation. CISOs can’t bridge the ASM gap with tactical adjustments, but rather need ASM processes and technologies that can address the scale, scope, and dynamic nature of the growing attack surface. New, innovative, and automated security ASM solutions like Cortex Xpanse can discover assets across the internet, collect and centralize the data, provide analytics for risk scoring, and integrate with other security and IT tools for remediation and risk mitigation.
Download to learn more.